Professional Documents
Culture Documents
Facts e Proc
Facts e Proc
Disclaimer
The information contained in this Request for Proposal (RFP) Document is being provided to
select limited number of Service Providers/agency on the terms and conditions set out in this
Tender.
This is a Limited Tender, being issued to the participants found eligible under the EoI for Fraud
Control Analytics Platform and Services for NHA. Other participants are not permitted to
participate in this RFP.
The purpose of this Tender Document (hereinafter called RFP: Request for Proposal) is to
provide eligible interested parties with information that may be useful to them in making their
technical and financial offers pursuant to this RFP. This RFP includes statements, which reflect
various assumptions and assessments arrived at by the NHA (National Health Authority) in
relation to the Project. Such assumptions, assessments and statements do not purport to
contain all the information that each Bidder may require. This RFP may not be appropriate for
all persons, and it is not possible for the NHA, its employees or advisors to consider the
investment objectives, financial situation and particular needs of each party who reads or uses
this RFP. The assumptions, assessments, statements and information contained in the RFP
Document may not be complete, accurate, adequate or correct. Each Bidder should, therefore,
conduct its own investigations and analysis and should check the accuracy, adequacy,
correctness, reliability and completeness of the assumptions, assessments, statements and
information contained in this RFP Document and obtain independent advice from appropriate
sources.
Information provided in this RFP to the Limited set of Bidders is on a wide range of matters,
some of which may depend upon the interpretation of law. The information given is not intended
to be an exhaustive account of statutory requirements and should not be regarded as a
complete or authoritative statement of law. The NHA accepts no responsibility for the accuracy
or otherwise of any interpretation or opinion on law expressed herein.
The NHA, its employees and advisors, make no representation or warranty and shall have no
liability to any person, including any Bidder under any law, statute, rules or regulations or tort,
principles of restitution or unjust enrichment or otherwise for any loss, damages, costs or
expenses which may arise from or be incurred or suffered on account of anything contained in
this RFP or otherwise, including the accuracy, adequacy, correctness, completeness or
reliability of the RFP and any assessment, assumption, statement or information contained
therein or deemed to form part of this RFP Document or arising in any way for participation in
this Bid Process. The NHA also accepts no liability of any nature, whether resulting from
negligence or otherwise howsoever caused, arising from the reliance of any Bidder upon the
statements contained in this RFP.
Page 2 of 94
RFP: Fraud Control Analytics Platform and Services
The NHA may, at its absolute discretion, but without being under any obligation to do so, update,
amend or supplement the information, assessment or assumptions contained in this RFP
Document. The issue of this RFP Document does not imply that the NHA is bound to select or
appoint a Bidder, as the case may be, for the Project and the NHA reserves the right to reject
all or any of the Bidder or Bids without assigning any reason whatsoever.
The Bidders shall bear all costs associated with or relating to the preparation and submission
of its Bid including but not limited to preparation, copying, postage, delivery fees, expenses
associated with any demonstrations or presentations which may be required by the NHA or any
other costs incurred in connection with or relating to its Bid. All such costs and expenses will
remain with the Service Provider/agency and the NHA shall not be liable in any manner
whatsoever for the same or for any other costs or other expenses incurred by a Bidder in
preparation or submission of the Bid, regardless of the conduct or outcome of the Bidding
Process.
Page 3 of 94
RFP: Fraud Control Analytics Platform and Services
Table of Contents
1. INVITATION TO PROPOSAL .............................................................................................................. 7
3. ABOUT US ......................................................................................................................................... 11
Page 4 of 94
RFP: Fraud Control Analytics Platform and Services
Page 5 of 94
RFP: Fraud Control Analytics Platform and Services
Table of Tables
TABLE 1: FACT SHEET AND RFP SCHEDULE .............................................................................................. 10
TABLE 2: PROJECT TIMELINES................................................................................................................... 36
TABLE 3: PILOT PHASE IMPLEMENTATION .................................................... ERROR! BOOKMARK NOT DEFINED.
TABLE 4: PILOT PHASE PAYMENT MODEL .................................................... ERROR! BOOKMARK NOT DEFINED.
TABLE 5: M ANPOWER REQUIREMENTS (PHASE 1) ........................................ ERROR! BOOKMARK NOT DEFINED.
TABLE 6: M ANPOWER REQUIREMENTS (PHASE 2) ........................................ ERROR! BOOKMARK NOT DEFINED.
TABLE 7: DELIVERABLES (PHASE 1) ........................................................... ERROR! BOOKMARK NOT DEFINED.
TABLE 8: DELIVERABLES (PHASE 2) ........................................................... ERROR! BOOKMARK NOT DEFINED.
TABLE 9: THREE COVER BID SUBMISSION ................................................................................................... 54
TABLE 10: PRE-QUALIFICATION CRITERIA.................................................... ERROR! BOOKMARK NOT DEFINED.
TABLE 11: TECHNICAL EVALUATION CRITERIA (TEC).................................................................................. 58
TABLE 12: TEC (RELEVANT EXPERIENCE) .................................................. ERROR! BOOKMARK NOT DEFINED.
TABLE 13: TEC (PROPOSED SOLUTION) ..................................................... ERROR! BOOKMARK NOT DEFINED.
TABLE 14: TEC (TECHNICAL PRESENTATION AND PRODUCT DEMO) ............................................................ 59
TABLE 15: TEC (PROPOSED RESOURCE EVALUATION- PHASE 1) ................. ERROR! BOOKMARK NOT DEFINED.
TABLE 16: TEC (PROPOSED RESOURCE EVALUATION- PHASE 2) ................. ERROR! BOOKMARK NOT DEFINED.
TABLE 17: FORMULAE FOR FINAL EVALUATION........................................................................................... 60
TABLE 18: PAYMENT MILESTONES ............................................................................................................. 63
TABLE 19: PENALTIES FOR DELAY IN GO-LIVE ........................................................................................... 66
TABLE 20: DEFINITIONS (SERVICE LEVELS) ................................................................................................ 67
TABLE 21: SERVICE LEVELS ...................................................................................................................... 70
TABLE 22: PRE BID QUERIES (BIDDERS INFORMATION) ................................................................................ 71
TABLE 23: FORMAT FOR PRE BID QUERIES ................................................................................................. 71
TABLE 24: PRE-QUALIFICATION COMPLIANCE .............................................. ERROR! BOOKMARK NOT DEFINED.
TABLE 25: BIDDERS PROFILE .................................................................................................................... 77
TABLE 26: CITATION FORMAT ..................................................................... ERROR! BOOKMARK NOT DEFINED.
TABLE 27: RESOURCE DEPLOYMENT PLAN ................................................................................................. 77
TABLE 28: CV FORMAT ............................................................................................................................. 78
TABLE 29: COMMERCIAL BID FORMAT ........................................................................................................ 82
Page 6 of 94
RFP: Fraud Control Analytics Platform and Services
1. Invitation to Proposal
New Delhi
Date: 04/09/2019
The Government of India is committed to ensuring highest possible level of health and well-
being for all, through a preventive and promotional health care orientation in developmental
policies and universal access to good quality health care services without anyone having to
face financial hardship. To fulfill this vision, the Government of India conceptualized ‘Ayushman
Bharat – a flagship initiative that attempts to move away from sectoral and segmented approach
of service delivery to a comprehensive need-based healthcare service. Ayushman Bharat
adopts a two-pronged approach. Firstly, the creation of health and wellness centers to bring
health care closer to homes. Secondly, Ayushman Bharat – Pradhan Mantri Jan Arogya Yojana
to protect poor and vulnerable families against financial risk arising out of catastrophic health
episodes. For focused approach and effective implementation of AB-PMJAY, an autonomous
entity, the National Health Agency was constituted. Established as a Society on 11th May 2018,
the agency was registered under the Society Registration Act, 1860. The National Health
Agency is reconstituted as the National Health Authority through a cabinet decision. Through
the decision, the National Health Agency has been dissolved and has been replaced by
National Health Authority (NHA) as an attached office to Ministry of Health & Family
Welfare. NHA provides overall vision and stewardship for design, roll-out, implementation and
management of AB-PMJAY in alliance with state governments. Inter-alia, this
includes, formulation of AB-PMJAY policies, development of operational guidelines,
implementation mechanisms, coordination with state governments, monitoring and oversight of
AB-PMJAY amongst other.
The objective of this limited RFP is to seek the services of an agency to design, develop,
implement, operate and maintain Fraud Control Analytics Platform and related services for
National Health Authority. This is a limited tender being issued to the participants found eligible
in the Expression of Interest phase of the project. The selection of the agency shall be done as
per Quality and Cost Based Selection method i.e. QCBS method as provided in this RFP.
Only the following organizations who have conducted the PoC at NHA and were observed to
be technically suitable by NHA are eligible to participate and submit their bids against this RFP.
No other organization shall be permitted to submit their response against this RFP. Only the
following organizations may apply through this RFP:
a. MFX Infotech Private limited
The website for accessing the information related to this RFP is central public procurement
portal (CPPP) i.e. https://eprocure.gov.in/eprocure/app and PMJAY website -
www.pmjay.gov.in. Interested bidders are requested to submit their proposals on CPPP to the
“RFP” on or before the timelines as mentioned on CPPP.
Thank you and we look forward to receiving your proposal.
Warm regards
General Manager (IT)
National Health Authority
Page 8 of 94
RFP: Fraud Control Analytics Platform and Services
Page 9 of 94
RFP: Fraud Control Analytics Platform and Services
Page 10 of 94
RFP: Fraud Control Analytics Platform and Services
3. About Us
3.1. Background
Ayushman Bharat - Pradhan Mantri Jan Arogya Yojana (AB PMJAY) is an attempt to move
from sectoral, segmented and fragmented approach of service delivery through various
National and State/UT schemes to a bigger, more comprehensive and better converged need-
based service delivery of secondary and tertiary care. Ayushman Bharat Pradhan Mantri Jan
Arogya Yojana (AB PMJAY) seeks to accelerate India’s progress towards achievement of
Universal Health Coverage (UHC) and Sustainable Development Goal - 3 (SDG3). It has the
potential to transform the healthcare landscape of India It will not only increase the efficiency
and reach, but will also provide financial health protection for most of the hospitalisation cost
thereby reducing out of pocket expenditure on health significantly but also help reduce Out of
Pocket Expenditure (OOPE) for hospitalizations. It will help mitigate the financial risk arising out
of catastrophic health episodes.
Page 11 of 94
RFP: Fraud Control Analytics Platform and Services
Responsibility of implementing AB PMJAY shall lie with States. They can choose preferred
mode of implementation which can be either through Insurance Companies, Trust or a mixed
approach.
States can implement their own schemes in Alliance with AB PMJAY.
A robust, modular, scalable and interoperable IT platform connecting NHA with SHAs and
beneficiaries to the designated private and public health providers is being developed.
Benefit package includes identified surgical, medical and day-care benefits of secondary and
tertiary nature. Procedures also include lifesaving and emergency treatments that primarily
account for catastrophic expenses for families.
Payment for treatment on package rate (defined by the Government in advance) basis. States
will have the flexibility to modify these rates as per guidelines.
Public hospitals will get additional funds through claim payments from Insurance Companies/
Trust for treatment provided to beneficiaries. They can use this fund to strengthen their facilities
and to provide incentives.
While ensuring user convenience, AB PMJAY would create robust safeguards to prevent
misuse/ fraud/ abuse by providers and users.
A well-defined Complaint & Public Grievance Redressal Mechanism, actively utilizing
electronic, mobile platform, internet as well as social media, will be put in place.
The ratio of contribution towards premium/cost between Centre and State will be 60:40 in all
States except North Eastern States & 3 Himalayan States where the ratio is proposed to be
90:10. In the case of Union Territories, the Central contribution of premium is proposed to be
100% for UTs without legislature, while it is proposed to be 60:40 for those with legislature.
Transfer of grant-in-aid as premium to the Insurance Company / actual cost to the Trust and
administrative funds to SHA to be made through dedicated escrow accounts.
Page 12 of 94
RFP: Fraud Control Analytics Platform and Services
required. NHA will also coordinate with regulatory bodies including IRDAI and other
initiatives/ agencies /authorities for sectoral reforms on behalf of the AB PMJAY.
Database of beneficiaries: Providing database of eligible beneficiary families (AB PMJAY
database) to the States. In case State is covering a larger number of beneficiaries than AB
PMJAY under their own Scheme, they can use their own database, subject to an assurance by
the State that all AB PMJAY eligible families (as decided by their inclusion in SECC database)
have been included in the State database.
Operational Guidelines and Model Tender Document (MTD) for selection of Insurance
Company, Implementation Support Agency (ISA), and Third Party Administrators (TPAs):
Provide AB PMJAY operational guidelines and MTD and any possible modifications to it from
time to time to States, as guiding posts for implementation under the ambit of the policy and the
technology while providing requisite flexibility / discretion to the States (as per due process) to
optimally chalk out the activities related to implementation in light of the special conditions of
their own State/ UT. NHA will exercise general scrutiny on the tendering process carried out by
States/SHA.
National Portability: Laying down the process and terms for extending portability of benefits to
all AB PMJAY beneficiaries at any empaneled health care providers (public and private) across
India.
IT System and Technical Support: Provide a Central IT platform with functional modules for
identification of eligible beneficiaries, transaction and claim management and provision of all
services under AB PMJAY. This will include Grievance Redressal platform and national
helpline.
Packages and criteria for empanelment of health care providers: Provide list of packages along
with indicative rates for treatments under AB PMJAY. Criteria for empanelment of health care
provider under AB PMJAY will also be provided. These can be adapted to State-specific
situation as per defined process.
Awareness Generation: Enable beneficiaries (who are the primary audience of this Mission) to
receive correct information about entitlements, scheme benefits, empanelment and other key
details, by providing the States with standardized awareness generation materials for
dissemination, which can be adapted to local languages. Amongst the secondary audience
(media, general audience etc.), create positive news around AB PMJAY and position AB
PMJAY as a game changer in achieving Universal Health Coverage. NHA will also develop
communication and training material for other secondary audiences such as hospitals, Front
Line Workers etc. to prepare them in implementing the scheme.
Training and Capacity Building: Provide standard training manuals for stakeholders and support
the States in organizing training of trainers and other capacity building activities in the State.
Page 13 of 94
RFP: Fraud Control Analytics Platform and Services
Review and monitor progress under AB PMJAY: Review the performance of the Scheme and
monitor it on a regular basis and issue necessary directions from time to time.
Page 14 of 94
RFP: Fraud Control Analytics Platform and Services
scheme. They will also liaise with the local media in disseminating the salient features of the
scheme
Tendering process for selection of Insurance Company or Setting-up / Identification of a Trust:
For Insurance mode, carry out tendering process (based on MTD shared by NHA) for selection
of an Insurer and signing of contract upon selection. OR Setting up of SHA / Trust with requisite
capacities for implementation of AB PMJAY in Trust mode.
Empanelment of Health Care Providers: The responsibility for empanelment of health care
providers lies with the State Government/ SHA. The SHA may take support of Insurance
Companies, if applicable and / or required. All public hospitals (CHC and above) will be deemed
to be empaneled.
Timely release of funds (to Insurance Company or to Hospitals): For Insurance mode, release
premium to insurance company, through dedicated escrow account, in a timely manner as per
the defined guidelines. For Trust mode, timely claim payments to empaneled Health Care
Providers to be paid as per the defined guidelines.
Monitoring: Monitoring the scheme effectively is the most important function of SHA and it shall
set up a comprehensive monitoring system for AB PMJAY, which shall be integrated with IT
system through data for fraud/ abuse prevention and control.
Page 15 of 94
RFP: Fraud Control Analytics Platform and Services
4. Scope of Work
The following is the envisaged scope of work under this RFP. It is clarified that the scope of
work is not exhaustive but indicative in nature and not limited to the scope provided here and
the agency shall undertake such other tasks, within the scope of the RFP, as may be necessary
to implement the scope and the project efficiently and effectively in order to achieve the desired
objectives.
Page 16 of 94
RFP: Fraud Control Analytics Platform and Services
The fraud analytics solution is envisaged to be used by NHA and its key stakeholders within
NHA ecosolution. This solution will take in data from various internal and external sources,
transform the data and present the data in an analyzable capability (with slicing / dicing
capability). The solution shall also make data-based predictions, contain best suited models/
algorithms to identify and detect frauds while providing more effective data insights.
The Data Ingestion component is required to ensure that the case data obtained by the
respective IO is ingested into a central repository which can then enable a holistic view of the
data for further analysis. The data may be available in structured / semi-structured /
unstructured formats; in electronic / paper form; provided in a batch or iteratively; or some other
unforeseen scenario may also be
encountered during the course of investigation(s). The Fraud management solution should be
flexible enough to cater to case requirements.
Please Note:
The Implementing Partner (IP) has to follow Agile methodology through the entire project
lifecycle. In case, it has been missed for any section/ phase/ deliverable, it may be read
as Agile Methodology may be followed
medicines when generic versions are available). ‘Abuse’ refers to those provider practices that
are inconsistent with sound fiscal, business, or medical practices, and result in an unnecessary
cost to the AB-PMJAY, or in reimbursement for services that are not medically necessary or
that fail to meet professionally recognized standards for health care. It also includes beneficiary
practices that result in unnecessary cost to the AB-PMJAY. Whereas fraud is willful and
deliberate, involves financial gain, is done under false pretense and is illegal, abuse generally
fails to meet one or more of these criteria. The main purpose of both fraud and abuse is financial
and non-financial gain. Few examples of common health insurance abuse would be - excessive
diagnostic tests, extended length of stay and conversion of day procedure to overnight
admission.
Provider Fraud Fraud conducted by any private or public health service provider
empanelled for providing services under AB-PMJAY.
Page 18 of 94
RFP: Fraud Control Analytics Platform and Services
Page 19 of 94
RFP: Fraud Control Analytics Platform and Services
V. M/s Greenojo
Page 20 of 94
RFP: Fraud Control Analytics Platform and Services
or through API by external agencies or available in public domain) for early detection
and prediction of non-compliance issues/ fraud as it becomes available
c. Generate Real Time Intelligence and BI reports and dashboards
d. Enable end-to-end verification to find out outliers and monitor high risk scenarios
based on effective classification of individuals, entities, segments, groups, clusters
etc.
e. Have a dynamic and flexible solution with ability to automatically learn from events,
feedback and results
f. Provide real time inputs and alerts during the investigation process at the State and
center level in more enhanced and effective manner
g. Provide insights and recommendations for policy formulation/ modification to plug
any loop holes and tighten procedures as may get highlighted during the analysis
h. Solutions’ capability to be offered as a service, which can be integrated with PM-
JAY core solution and support relevant workflows viz pre-AUTH/claim rejection,
investigation, medical audit etc.
i. 360 degree risk based scoring of entities (Provider, Beneficiary, PMAM, TPA,
CSC/VLE etc.)
j. Real Time Risk scoring of Transactions/ cases
k. Customized on demand Reporting Capability as per user needs
l. Demographic profiling of entities
m. Content/Visualizations/Infographics to showcase analytics being conducted/ Cases
identified for Leadership Reviews, Presentations etc
n. Provide Inputs for Research Papers and Policy briefs from a data Mining Perspective
as requested by NHA Team
o. Capacity building of End Users as specified by NHA to demo / showcase the
systems/ platforms/ analytical results/ techniques developed
p. The solution should support both OTP (One Time Password)/soft tokens and PKI
(Public Key Infrastructure) based user authentication technologies
4.1.5. Detailed Scope of Work of Fraud Analytics Control and Tracking System
(FACTS)
360* view of all suspect/confirmed fraudulent transactions/entities involved in
committing fraud under/around PMJAY with workflow enabled end to end tracking and
closure.
a. Provide a unified view of all the potential suspicious cases as well as the confirmed
fraudulent cases that are happening inside the PMJAY ecosystem.
b. Ability to ingest data from various sources:
Page 22 of 94
RFP: Fraud Control Analytics Platform and Services
o TMS
o BIS
o HEM
o Call centre
o Grievance portal
o Any other fraud reported within PMJAY ecosystem (will be achieved through
Record entry page)
o Ad-hoc inputs either through a ingestion form or through API
o External data sources (through API)
o Data in public domain
c. Provide a holistic view in context to risk scoring of a particular entity including:
o Beneficiary
o Provider
o PMAM
o CSC/VLE
o CPD/PPD
o TPA/ISA/IC
o Treating doctor
o Specialty
o Procedure/Packages
o Others
d. Provide insight on entity level association/co-relation, accumulation and
aggregation, risk profiling and heat maps
e. Provide insight on the fraudulent or suspicious cases taking place in a particular
state/district/hospital/ treating doctor/PMAM, and drilling down to the lowest level of
granularity.
f. Provide a dashboard on the existing cases under investigation and cases closed by
the state to monitor state performance.
g. Provide an insight on the key utilisation trends around a particular package,
speciality
h. Provide a holistic view on the cases reported against a particular fraud scenario/set
of triggers in a particular geography correlated with a particular entity.
i. Provide capability to record fraud happening outside PMJAY systems but around
PMJAY e.g. fake recruitment rackets, collection of beneficiary data, issuance of fake
cards (not in BIS) etc.
j. Provide capability to trigger a course correction initiation/email to relevant team if
need be e.g. HEM, TMS or BIS team could be alerted/informed about suggested
Page 23 of 94
RFP: Fraud Control Analytics Platform and Services
course correction arising out of new scenarios (this would help keep a record on
generation of such request, rest process need not happen inside FACTS).
k. Managing key investigation steps up
l. Keep up to date on the recovery of amount
m. Generate a standard template for : showcause, suspension, de-empanelment _ why
is this needed- we can create the template and they need to code this in the system
n. Interact with key systems for taking key actions :
o De-empanelment of hospital
o Blocking of cards
o Denial of transaction
o. Ability to initiate an investigation against a suspicious case tracking its activity at
each ode in investigation process managing SLAs and capturing the response of
the investigation and concluding the case as fraud/non-fraud. Key systems
envisaged :
o TMS
o BIS
o HEM
o Using Kaizala to push cases for medical audit/field investigation and
receiving response back via Kiazala only
p. Ability to generate alerts both at NAFU, SAFU, Provider, PPD, CPD, Hospital,
Beneficiary level against a particular entity or general purpose messages.
q. Inter-communication module among the entities on E-mail or other mechanism.
r. Ability to incorporate feedback and utilise the feedback for data enrichment.
s. Provide a business intelligence view for trend analysis using Top 10 entities by case
No. across the combination of:
o States
o Hospitals, treating doctor
o Districts
o Specialities
o Procedures
o Referral entity
o Approving entity
t. Ability to configure business rules and provide ad-hoc reporting feature to the
business user.
u. Ability to interact with BIS, HEM, TMS on real time basis for e.g. If a case is triggered
as suspicious then the same should be marked in TMS as suspicious case and
Page 24 of 94
RFP: Fraud Control Analytics Platform and Services
Page 25 of 94
RFP: Fraud Control Analytics Platform and Services
* The above diagram depicts the solution overview with the existing IT solution for PMJAY (BIS,
HEM, TMS etc.) deployed by NHA However, NHA is currently envisaging a new IT solution for
PMJAY which may be implemented in near future. It is expressively clarified that the
Implementing partner shall provision all its services including but not limited to Data acquisition
and integration with the new PMJAY IT 2.0 (at its’ go-live) at no extra cost to NHA.
4.1.7. Obligations of NHA
NHA will be responsible for the following:
a. Provide necessary support to the Implementing Partner (IP), where ever required
for developing the fraud analytics models and use cases – This is ambiguous- What
support- we will provide hardware and help them in setting up access
b. Facilitate proper collaboration between the existing MSP and to be selected
Implementing Partner (IP), which may include making the documentation of the
solution available, training/ knowledge sharing sessions, etc.
c. NHA will ensure that data of the PM-JAY solution shall be provided to Implementing
Partner (IP) as per the defined intervals and as and when required by Implementing
Partner (IP)
d. Facilitating Implementing Partner (IP) to obtain data from other Departments/
Agencies (as and when required)
e. Providing necessary office infrastructure, space and other accessories for the
Implementing Partner (IP) resources at Delhi. The Implementing Partner (IP) needs
Page 26 of 94
RFP: Fraud Control Analytics Platform and Services
to bring in requisite laptops/software etc. required for the project. It may be noted
that the resources will not be able to use any external devices on these laptops.
Page 27 of 94
RFP: Fraud Control Analytics Platform and Services
o. The solution should enable updation of original record with revised record keeping a
clear linkage between the original and revised record.
p. The solution should provide data services, which will act as the single data
processing service for data received through multiple modes.
q. In case the data file is not properly encrypted or there is any other security concern,
the file must be rejected and deleted. A status should be sent to the sender along
with the reason and file id present in the XML/XBRL header.
r. The solution should provide data to consuming applications by physical bulk data
movement between data repositories.
s. The solution should support data delivery across the range of latency requirements,
including scheduled batch delivery, streaming/near-real-time delivery, event-driven
delivery of data based on identification of a relevant event.
4.2.2. Data Analytics
Data Analytics enables identification of useful / actionable information for effective
decision making and investigation.
a. The solution should have the capability of performing advanced data analytics such
as clustering, classification, profiling, anomaly detection, predictive modelling,
scoring, regression, link prediction, co-occurrence grouping, similarity matching,
causal modelling and machine learning.
b. The proposed solution should accept text from commonly used text sources such as
ASCII text, Microsoft Word files, Adobe PDF files, Microsoft Excel files, XML/XBRL
Files.
c. The solution should support both statistical and rule based classification mechanisms
for categorization of text data.
d. The solution should have pre-configured libraries and features to identify and extract
entities such as names, persons, organizations and locations from text data.
e. The solution should have the capability of using natural language processing (NLP)
techniques to identify main topics of discussion and correlated topics.
f. The solution should create a web of linked data from internal data (Databases,
XML/XBRL etc.) and entities extracted from unstructured data.
g. The solution should support use of ontologies to define relationships, concepts and
areas of concern to organize knowledge.
h. The solution should provide an interface for adding and modifying ontologies.
i. The solution should identify relationships across multiple entities and entity types.
j. The solution should be capable of drawing inferences i.e. discovering new
relationships from linked data using automatic procedures based on ontologies.
Page 28 of 94
RFP: Fraud Control Analytics Platform and Services
k. The solution should be able to provide an intelligent tool for searching individuals,
entities, addresses using common attribute and relational data (related party search).
l. The solution should enable user to filter the search results by selecting or deselecting
specific attributes.
m. The solution should be able to detect and present linkage between any two entities
n. The solution should be able to compute adjacency (whether there is a direct
connection from entity to another), reachability (whether two entities are connected
or not by way of either a direct or an indirect linkages) etc.
o. The solution should provide an interface for navigating through the related
information using the linkages.
p. The solution should be able to form network of entities on the basis of relevance of
relationships between entities in semantic web (individuals, entities, addresses etc.)
using user defined rules.
q. The solution should be capable of discovery of meaningful correlations, patterns and
trends by sifting through large amounts of data stored in repositories employing
statistical and mathematical techniques.
r. The solution should demonstrate near similar performance with growth in data
volume
s. The structured and unstructured data made available during the course of
investigation is to be loaded into the central data repository in standardized format(s).
One such format may be the POLE Framework (People, Objects, Location, and
Events) which allows creation of master/golden record for an entity and updating the
same with additional data obtained subsequently.
4.2.3. Reporting and Dashboards
The solution should publish standard reports with predefined frequency covering the
elements from various sources :
a. Including HEM, TMS, BIS, Grievance, Complaints etc.
b. Link analysis using visualization tools
c. Timeline chart / chronology of events
d. Text analytics
e. Real time dashboarding capabilities
f. Machine learning analysis including statistical analysis. e.g., neural networks,
decision trees, regression, anomaly detection, clustering, etc.
g. The solution should present performance indicators and dashboards to authorised
users
h. The standard reports and MIS should be parameterized to enable users to choose
the filters and ranges of their choice.
Page 29 of 94
RFP: Fraud Control Analytics Platform and Services
i. The solution should enable users to download information in common formats such
as EXCEL,PDF etc.
j. The solution should enable designated users to develop a customised dashboard
k. The solution should enable authorised users in handling of multi-dimensional
analysis (i.e. slicing and dicing the data) with drill-down, drill-up and drill-across
facilities.
l. The solution should provide an interface to enable users to submit request for
execution of customised query.
4.2.4. Case Management
Case Management module assists the division in managing the life-cycle of the case. It
helps the cases offices by providing case related information and analysis reports for
effective assessment and investigation.
a. The solution should present case related information and analysis to authorized
users for further processing.
b. The solution should have the capability to prepare customized case as per specific
user requirements based on selection of information and analytical elements.
c. The solution should provide a web-based interface to show case related information
and analysis to authorized users for further processing.
d. The solution should enable the user to drill down into the detailed data.
e. The solution should enable the user to access uploaded or linked documents.
f. The solution should present results on analysis (mismatch analysis, standard
quantification methods, network analytics etc.) in pre-defined format.
g. The solution should present the network diagram showing relationships (if number
of nodes is within a range) in pre-defined format.
h. The solution should have the capability to present information such as entity
(Provider /Beneficiary/PMAM/ CSC/VLE etc.) details and related entities (Treating
doctor etc.), relationships, standard analysis, evaluations, etc.
i. The solution should enable authorized users to carry out various case related
activities such as search, modify linkages, make request for information, link
additional information/documents, conduct predefined analysis, request for
enhanced report, provide case feedback, prepare case report etc.
j. The solution should enable cross references of the terms used in the case reports
by providing hyperlinks of the terms used to standard dictionaries.
k. The solution should allow record and maintain the access history (for user defined
period) for every successful and unsuccessful login by the user.
Page 30 of 94
RFP: Fraud Control Analytics Platform and Services
l. The solution should enable authorized users to search both structured and
unstructured data in the Data Warehouse. The coverage of search facility will
depend on the underlying privileges of the user.
m. The solution should enable authorized users to make request for information from
external agencies (financial institutions, Departments, Regulators etc.) with whom
data exchange mechanisms have been enabled.
n. The solution should enable authorized users to link additional information and
documents collected during the investigation.
o. The solution should provide an interface to enable authorized users to upload
information and documents related to a case in a predefined XML/XBRL format
p. The solution should enable authorized users to capture information related to a case
or investigation in standard template.
q. The solution should enable authorized users to download data in Excel or CSV for
carrying out customized analysis.
r. The solution should enable authorized users to support from other authorized users
for analysis support, investigation support from other authorized users.
s. The solution should enable authorized users to provide analysis support and
investigation support as per pre-defined process.
t. The solution should enable authorized users to reassign the case to other authorized
user as per pre-defined rules (based on functional requirement, jurisdiction,
supervisory hierarchy etc.)
u. The solution should enable authorized users to close case after taking approval of
appropriate approving authority as per predefined closure rules.
v. The solution should enable authorized users to provide case feedback as per
prescribed template. This feedback will be used to assess the effectiveness and
fine-tuning of models in Alert and Risk Management.
w. The solution should enable authorized users to develop and maintain online case
reports.
x. The solution should enable authorized users populate different sections of the report
by referring to different sections of the case.
y. The solution should enable authorized users to define the component of the case
report by selecting available case components as per requirements.
z. The solution should enable multiple users to work on the case while maintaining
distinction between users updating the information.
aa. The solution should enable authorized users to generate and print reports in PDF,
Excel and XML/XBRL in a pre-defined format.
Page 31 of 94
RFP: Fraud Control Analytics Platform and Services
bb. The solution should enable authorized users to transmit the case or access to case
information to the selected recipient.
cc. The solution should enable authorized users to disseminate the report to single or
multiple users / user groups.
dd. The solution should enable authorized users to search the Data warehouse for
information
ee. The solution should ensure that the digital data in case is managed appropriately
and is in compliance to the e-Governance Standard for Preservation Information
documentation (eGov-PID) of Electronic Records published by MeitY.
ff. The solution should enable authorized users to know whether more than one user
is working on a case.
gg. The solution should enable networking of multiple users working on a case after
seeking consent of users or approval of prescribed authority.
hh. The solution should be able to send configurable notification to authorized users on
predetermined event or receipt of additional information related to the case.
ii. The solution should have the capability to assign cases to specific officers on the
basis of jurisdiction or specific allocation rule to enable effective utilization of
available resources.
jj. The solution should have the capability to provide flexibility to local supervisory
hierarchy in assignment of cases.
kk. The solution should have the capability to manage the lifecycle of the case to ensure
closure of issue and capture of feedback.
ll. The solution should enable linking of factual issues with the case for effective
analysis.
mm. The solution should capture the feedback on the various alerts.
nn. The tool should have features related to user management, role based access and
privileges and allow multiple users to work in parallel
4.2.5. Case Management
a. The solution should be capable of customizing the alert generating scenarios and
parameters for different entity categories on the basis of user defined definitions. It
should enable to frame new rules and augment existing rules.
b. The solution should enable authorized users to create and modify risk dimensions.
c. The solution should allow authorized users to submit a request for new type of alert
which will be executed after approval of designated authority.
4.2.6. Knowledge Management
a. Allow the users to search for specific case based on rights.
b. Allow the users to start discussion forums, respond in discussion forums etc.
Page 32 of 94
RFP: Fraud Control Analytics Platform and Services
Page 33 of 94
RFP: Fraud Control Analytics Platform and Services
Project Initiation Project kick off 1. Kick off meeting presentation T+1 Week
Deployment of key 2. List of key personnel deployed, CVs
personnel and Attendance register
Submission of key Deliverables: T+2 Weeks
documents i. Submission of charter
ii. Submission of detailed project plan
Broad technical Deliverables: T+2 Weeks
architecture and BOM i. Design high level technical,
deployment, network architecture and
approval from NHA
ii. Discussion on BOM and approval
from NHA
Environment Setup of Development System report to NHA T+3 Weeks
Setup Environment
Setup of Staging System report to NHA T+4 Weeks
Environment
Setup of Test System report to NHA T+4 Weeks
Environment
Page 35 of 94
RFP: Fraud Control Analytics Platform and Services
Page 36 of 94
RFP: Fraud Control Analytics Platform and Services
Page 37 of 94
RFP: Fraud Control Analytics Platform and Services
NHA & its designated authority/ TPA (if any) shall conduct functional, security &
performance testing of the systems provided by the agency. NHA would be free to
conduct such testing at any stage in addition to testing being done by the agency.
The agency shall obtain sign-off from the NHA on the UAT after successful
implementation of all the changes/ recommendations received from NHA & its
designated authority/ TPA (if any).
The agency shall design the testing strategy including traceability matrix, test cases and
conduct testing of various components of the solution developed/customized/
configured.
The testing shall include joint testing and integration testing with all partner systems.
The system will have to undergo a comprehensive testing that shall include Unit Testing,
System Testing, Integration Testing, Performance Testing, and Load and Stress testing
etc. before Go-Live.
The agency shall obtain the sign-off from NHA on testing approach and plan. The
agency shall perform the testing of the solution based on the approved test plan,
document the results and shall fix the bugs found during the testing. The overall
responsibility of testing the system lies with the agency.
4.4.2. Manpower support
a. The bidders as a part of their project proposal shall have to submit a resource plan
for the number and type of resources, along with their experiences, who shall be
deployed on-site for implementation and O&M of the project for the entire project
period.
b. The selected Bidder shall deploy the team of resources for implementation,
operations and maintenance till the end of contract period/exit management phase.
The agency shall comply with the biometric attendance at NHA (if desired by NHA).
It shall be the responsibility of the agency to scale up the Operations & Maintenance
(O&M) team as and when required to confirm smooth project execution throughout the
duration (at no extra cost to NHA).
4.4.3. Performance testing
The agency shall carry out the performance testing activity (load/ stress/ volume testing)
on yearly basis to ensure that the application meets the required speed, flexibility,
scalability and stability requirements under the expected workloads and provide its
recommendations for improvement (if any).
4.4.4. Capacity Building
Agency shall be required to provide training to the end users associated with the usage
of the solution, to enable them to effectively operate and perform the relevant functions.
Page 38 of 94
RFP: Fraud Control Analytics Platform and Services
Agency shall carry out a comprehensive training needs analysis and design the training
program accordingly.
The agency shall ensure a proper hands-on training/capacity building to end-users
(approx. 120 users) designated by NHA so as to make them well conversant with all the
functionalities, features and processes built in the Fraud Analytics Control and
Trancking System. It is mandatory for the agency to provide a minimum of 40 hours
of training to each of the end user i.e. NHA/SHA officials during a calendar year.
If 10% of users reports to NHA that the training provided to them was unsatisfactory or
less than satisfactory, then the agency would re-conduct the same training at no extra
cost.
Location of the training shall be NHA Office.
Agency shall design a calendar of training activities in consultation with NHA. The
calendar designed shall identify the type of training, topics to be covered and the details
on trainee, trainer and the venue.
Agency shall create necessary performance support material such as user manual, job
aids, online reference manual, frequently asked questions, training documentation,
assessments and other content etc.
4.4.5. Incident management and help desk
A helpdesk management should be in place wherein end-users are allowed to create a
ticket for any problem(pertaining to bidder deliverables or system/platform) faced by him
and same should be closed by the agency’s team after the resolution of the problem (As
per the SLA).
4.4.6. Exit and transition management
The responsibilities of the agency pertaining to exit management after the end of the
contract are as follows:-
a. The agency shall submit its structured and detailed transition and exit management
plan and submit the same to NHA for approval and sign-off
All risk during transition stage shall be properly documented by the agency and
mitigation measures shall be planned in advance so as to ensure a smooth transition
without any service disruption.
Replacement of key resources during exit management shall be subject to NHA
approval.
Service level ownership, during exit, shall belong to the NHA. The agency is required to
deliver the operations and maintenance activities during this phase and payments to the
vendor shall be applicable as per RFP
The agency shall ensure that a proper and satisfactory handover is made to the other
agency (in case transition is there). This shall include transfer of all assets (Hardware,
Page 39 of 94
RFP: Fraud Control Analytics Platform and Services
Software and all the documents) in working conditions after inspection and approval of
NHA.
The agency shall ensure business continuity i.e. business as usual of the project during
exit management. The agency shall be in complete ownership of all scope related items.
The agency shall be released from the project once successful transition is completed
by meeting the parameters defined for successful transition
knowledge, acumen and skills of the replacement resource and is convinced of the
same. In case, the replacement resource is not found to be satisfactory, Agency will
need to find another replacement resource within 7 days . The replacement resource
and the resource transitioning out should have a minimum overlap of 3 weeks to
ensure continuity. Failure to deploy the resource in time shall invite penalty of 1%
(of Total contract value) for each week of delay
f. NHA shall reserve the right to interview resources proposed by the Bidder.
g. The resources proposed shall necessarily be Indian citizens.
h. The agency shall undertake necessary due diligence to ensure that the personnel
deployed have a high level of integrity and high standard of trustworthiness.
i. Bidders should note that, during any subsequent stages of this procurement, NHA
may ask for background check and/or security verification (Police verification) of
resources proposed by the Bidder and Bidders needs to comply with the same. This
is necessary considering the criticality of the Project.
j. The agency shall deploy team consisting of minimum of following members for the
project within fifteen (15) days of date of Signing of Agreement / receiving of LOI.
Failure to deploy the resources shall invite penalty of 1% (of Total contract value)
for each week of delay
Note-
a. All project deliverables will be subject to a review and approval process and will be
signed off by the NHA.
Page 41 of 94
RFP: Fraud Control Analytics Platform and Services
Peer reviews will be held for business design and technical design documents, and code-
walkthroughs
4.8.1. Phase 1: Development and testing phase
Sl. Deliverable (Phase 1) Delivery time frame
No.
1. Performance Bank guarantee As defined in section 8
of the RFP
2. Detailed Project Plan including risk management plan, IT At on-boarding (T)
security plan and resource deployment plan for
development phase and operations and maintenance
phase.
3. IT hardware assessment At on-boarding (T)
Page 42 of 94
RFP: Fraud Control Analytics Platform and Services
5. Instructions to Bidders
5.1. Objectives of this RFP
The National Health Authority (hereinafter to be referred as NHA), through this RFP, invites
Proposals from eligible firms shortlisted through the EoI Process (hereafter referred as
‘Bidders’) for selection of agency’s which can meet the evaluation criteria specified in this RFP
and deliver the scope. The project information and the broad scope of work is detailed in Section
4 of this RFP.
The following organizations are eligible to apply through this RFP:
a. MFX Infotech Privat limited
5.2. General
a. While every effort has been made to provide comprehensive and accurate
information about requirements and specifications, bidders must form their own
conclusions about the solution needed to meet the requirements specified in the
RFP.
b. The requirements of the RFP shall prevail over any information in the Bid. However,
all information supplied by the successful bidder will be treated as contractually
binding on the bidder.
c. This RFP supersedes and replaces any previous public documentation and
communications, and bidders should place no reliance on such communications.
d. No commitment of any kind, contractual or otherwise shall exist unless and until a
formal written contract has been executed by or on behalf of NHA.
e. NHA may cancel this bid process at any time prior to a formal written contract being
executed by or on behalf of NHA.
f. This RFP document is non-transferable.
g. The RFP should not be used to market the bidder’s product or services.
Page 43 of 94
RFP: Fraud Control Analytics Platform and Services
Page 44 of 94
RFP: Fraud Control Analytics Platform and Services
in accordance with the terms and conditions (including timelines for furnishing
PBG) of this RFP.
If the bidder is found indulging in any corrupt, fraudulent or other malpractice in
respect of the bid;
If there is a discrepancy between words and figures quoted by the bidder and
the bidder does not accept that the amount in words that would prevail over
amount in figures.
5.6. Consortium/Sub-Contracting
If required the bidder is allowed to utilize services of a third party for the following
activities:
I. System Administration
II. Maintenance of Software
The bidder will be responsible to oversee the work done by the third party all the time.
However the core business and functional activities should completely be executed by
the bidder these include, however not limited to:
I. Requirement gathering and understanding
II. Defining rules
III. Business rule configurations
IV. Overall project management
V. Executing the fraud triggers, Reports, MIS etc.
VI. Running day to day business activities
VII. Discussion with Key stakeholders
Page 45 of 94
RFP: Fraud Control Analytics Platform and Services
Bidder will be required to intimate NHA about role segregation of their proposed third
party agency at the time of submitting RFP, however the overall responsibility of the
project and ownership will lie with bidder and no exception shall be allowed as regards
the milestone, deliverables and penalties.
Requirement for third party:
The bidder can only allowed to utilize services of the third party who meets the following
criteria:
I. A company incorporated in India under the Companies Act, 2013 or any other
previous
Companies Act, amendments from time to time
II. Implementation partner should not have been blacklisted or under declaration of
ineligibility for corrupt or fraudulent practices by Govt. of India/State
Government/Central PSU at the time of bid submission date.
III. It should a positive net worth
IV. Should have been operating for the last five years as on the date of publishing of
RFP notice
(including name change/impact of mergers or acquisitions).
Page 46 of 94
RFP: Fraud Control Analytics Platform and Services
attach a scanned copy of the physically signed and stamped Integrity Pact, Letter of
Authorization/board resolution/power of attorney and the EMD.
5.9. Language
The Proposal must be filled by the bidders in English language only. If any supporting
documents submitted are in any language other than English, translation of the same in English
language is required and should be duly attested by the Bidder. For purposes of interpretation
of the documents, the English translation shall govern.
NHA and the bidders previously subject to the original deadline will thereafter be
subject to the deadline as extended.
5.16. Disqualification
The Proposal is liable to be disqualified in, inter alia, any of the following cases or in case the
Bidder fails to meet the bidding requirements as indicated in this RFP:
a. Bid not submitted in accordance with the terms, procedure and formats prescribed
in this document or treated as non-conforming proposal;
b. During validity of the bid, or its extended period, if any, the Bidder increases its
quoted price after the submission of the bid;
The Bidder’s Proposal is conditional and has deviations from the terms and conditions of RFP.
The Proposal is received in incomplete form;
Page 48 of 94
RFP: Fraud Control Analytics Platform and Services
5.17. Confidentiality
Information relating to the examination, clarification and comparison of the RFP shall not be
disclosed to any persons not officially concerned with such process until the process is over.
Undue use of confidential information related to the process by any firm may result in rejection
of its RFP.
Page 50 of 94
RFP: Fraud Control Analytics Platform and Services
Page 51 of 94
RFP: Fraud Control Analytics Platform and Services
Page 52 of 94
RFP: Fraud Control Analytics Platform and Services
6. Bid Process
6.1. Pre-Bid Queries
Any clarification regarding the RFP can be submitted to NHA as per the submission mode and
timelines mentioned in the Fact Sheet. The pre-bid queries should be submitted in the format
as mentioned in Annexure I of this RFP, along with name and details of the Bidder submitting
the queries. Any requests for clarifications received after the expiry of the due date and time
mentioned in the fact Sheet shall not be entertained by NHA. Further, NHA reserves the right
to issue or not issue any responses/clarifications/ corrigendum at its own discretion.
Page 55 of 94
RFP: Fraud Control Analytics Platform and Services
Page 56 of 94
RFP: Fraud Control Analytics Platform and Services
Page 57 of 94
RFP: Fraud Control Analytics Platform and Services
Page 58 of 94
RFP: Fraud Control Analytics Platform and Services
Page 59 of 94
RFP: Fraud Control Analytics Platform and Services
Page 60 of 94
RFP: Fraud Control Analytics Platform and Services
8. Award of Contract
8.1. Award Criteria
NHA will award the Contract to the successful bidder (“best valued bidder” as per section 7.2.4)
whose proposal has been determined to be substantially responsive and has been determined
as the most responsive bids as per the process outlined above (in section 7 of this RFP) i.e.
bidder with Highest On score.
Page 61 of 94
RFP: Fraud Control Analytics Platform and Services
shall also submit the Performance Bank Guarantee (PBG) in accordance with the
terms of this RFP. Refer Annexure V.
h. Within 7 days of the notification of award, the successful bidder shall execute the
Services Agreement/contract.
If the successful bidder fails to execute the agreement or furnish the PBG within the stipulated
time period (or such other extended timelines as agreed by the NHA in its sole discretion), the
NHA shall have the right to forfeit the EMD of successful bidder and award the work to the next
successful bidder.
The successful bidder is expected to commence its service within 7 days from its acceptance
to notification of award of contract by NHA.
Page 62 of 94
RFP: Fraud Control Analytics Platform and Services
9. Payment Terms
a. The payments shall be made to the selected agency on the basis of the amount
specified by the bidder in their commercial proposals (Annexure IV, section 13.2).
b. The payments are divided as per the following table:
i. Fixed Value: This shall be 50% of the overall cost quoted by the selected
bidder. The same shall be divided as:
ii. Variable Value: The variable value shall be 50% of the total cost value quoted
by the selected bidder. This shall be dependent on the total amount of True
Positive Cases / Total Amount of case submitted (during the review period)
and further be payable as:
<<Please insert the table in the presentation>>
Payment of the variable component will be 100% “outcome based.”
The payments to the agency shall be subject to the fulfillment of the following service levels and
penalties-
Page 65 of 94
RFP: Fraud Control Analytics Platform and Services
Page 66 of 94
RFP: Fraud Control Analytics Platform and Services
Page 67 of 94
RFP: Fraud Control Analytics Platform and Services
Page 68 of 94
RFP: Fraud Control Analytics Platform and Services
Page 69 of 94
RFP: Fraud Control Analytics Platform and Services
Page 70 of 94
RFP: Fraud Control Analytics Platform and Services
Name (Authorized
Signatory)
Designation
Company
Address
Contact Number
e-Mail ID
Date
not be responsible for the same and such queries may be discarded from providing
any response.
k. The bidders to ensure that no cell merging (in excel) is done by them while preparing
the query.
The bidders to ensure that each of the query submitted by them is unique and no duplicate
query is submitted by them as a result of copy-paste. It is expected from the bidder to carry out
its own due-diligence before submitting the queries.
Bidders are expected to do a thorough check of the queries and ensure the completeness of
the queries and spelling checks etc. before submitting the same to NHA.
Page 72 of 94
RFP: Fraud Control Analytics Platform and Services
Dear Sir/s,
WITNESS
…..………………….……… …………..………………….………
(Signature) (Signature)
……..………………….……… ……………..………………….………
(Name) (Name)
……..………………….……… ……………..………………….………
Have a relationship with each other, directly or through common third parties, that puts them in
a position to have access to information about or influence on the Bid of another Bidder, or
Influence the decisions of NHA regarding this bidding process; or
Participation in more than one bid in this bidding process. Participation in more than one Bid
will result in the disqualification of all Bids. However, this does not limit the inclusion of the same
product (commercially available hardware, software or network product manufactured or
produced by the firm), as well as purely incidental services such as installation, configuration,
routine training and ongoing maintenance/support, in more than one bid; or
Participation as a consultant in the preparation of the design or technical specifications of the
goods and services that are the subject of the bid.
Association as Consultant/ Advisor/ Third party independent evaluating agency with any of the
agencies taking part in the bid process.
Sincerely,
(Signature)
(Name and signature of Company Secretary)
Page 75 of 94
RFP: Fraud Control Analytics Platform and Services
2. Year Established
4. PAN
5. GST
6. CIN
9. Mobile
10. Telephone
Page 76 of 94
RFP: Fraud Control Analytics Platform and Services
<Functional>
< Development>
…..
Operations team
Maintenance team
Enhancement team
Analytics team
…..
Page 77 of 94
RFP: Fraud Control Analytics Platform and Services
Experience in yrs. (Provide details regarding name of organizations worked for, Designation,
responsibilities, tenure etc.atleast for last 5 years)
S. Name of From To Designation/
No. Employer Responsibilities
1.1. 1
1.2. 2
1.4. 2
1.6. 2
Page 78 of 94
RFP: Fraud Control Analytics Platform and Services
This is to certify that our offer is exactly in consonance with your RFP no. _________ dated
__________ issued by National Health Authority and subsequent amendments/corrigendum’s
etc. This is to expressly certify that our offer contains no deviation on the solution requirements
and scope of work, Legal or Commercial aspects as specified in the RFP in either direct or
indirect form.
Page 79 of 94
RFP: Fraud Control Analytics Platform and Services
Ref: Submission of Commercial proposal for Request for Proposal (RFP) Notification
No._________ dated__________
Dear Sir,
a. Having examined the RFP document, we, the undersigned, herewith submit our
response to your RFP Notified vide No. ____________________ dated
__________ for NHA, in full conformity with the said RFP document.
n. We, the undersigned, offer to provide services to NHA in accordance with your RFP.
We have read the provisions of the RFP document, confirm our acceptance for the same and
we are hereby submitting our commercial Bid.
We agree to abide by this RFP, consisting of this letter, commercial bid and all requisite
supporting documents, for a period of 3 years from the closing date fixed for submission of bid
as stipulated in the RFP document.
We would like to declare that we are not under a declaration of ineligibility for corrupt or
fraudulent practices anywhere in India.
We hereby declare that we have not been charged with any fraudulent activities by any
Central/State/UT Government, PSU or autonomous body under Government of India or any
State Government.
Page 80 of 94
RFP: Fraud Control Analytics Platform and Services
Yours sincerely,
Signature of Authorized Signatory [In full as well as initials]: _______________
Name and Title of Signatory: ________________________________________
Name of Firm: ______________________________________________________
Address: ___________________________________________________________
Page 82 of 94
RFP: Fraud Control Analytics Platform and Services
To
General Manager (IT)
National Health Authority
9th Floor, Tower-I
Jeevan Bharti Building
Connaught Place
New Delhi – 110001
Dear Sir,
a. In consideration of the National Health Authority, Government of India, on behalf of
the CEO, NHA on behalf of the Authority, (hereinafter referred to as the ‘NHA’ which
expression shall unless repugnant to the context or meaning thereof include its
successors, administrators and assigns) having awarded to
M/s……………………………. with its Registered/Head office at ………………………
(hereinafter referred to as the “Agency” which expression shall unless repugnant to
the context or meaning thereof, include its successors, administrators, executors
and assigns), a Contract by issue of Notification of award No……………. dated
………. and the same having been acknowledged by the Agency, resulting in a
Contract, bearing No…………. dated…………valued at………for………… (scope of
Contract) and the Agency having agreed to provide a Contract Performance
Guarantee for the faithful performance of the entire Contract not exceeding ₹.
……………….. (in words & figures).
o. We……………………………… (Name & Address of Bank Branch) having its Head
office at ………………………………. (hereinafter referred to as the ‘Bank’, which
expression shall, unless repugnant to the context or meaning thereof, include its
successors, administrators, executors and assigns) do hereby guarantee and
Page 83 of 94
RFP: Fraud Control Analytics Platform and Services
undertake to pay the amounts due and payable under this guarantee without any
demur, reservation, context, recourse or protest and/or without any reference to the
Agency merely on a demand from the NHA stating that the amount claimed is due
by way of loss or damage caused to or would be caused to or suffered by the NHA
by reason of breach by the said Agency(s) of any of the terms or conditions
contained in the said Agreement or by reason of the Agency(s)’ failure to perform
the said Agreement. Any such demand made on the Bank shall be conclusive and
binding not withstanding any difference between the NHA and the Agency or any
dispute pending before
Any Court, Tribunal, Arbitrator or any other authority. We agree that the guarantee herein
contained shall be irrevocable and shall continue to be enforceable till the NHA discharges this
guarantee.
The NHA shall have the fullest liberty without affecting in any way the liability of the Bank under
this guarantee, from time to time to extent the time for performance of the Contract by the
Agency. The NHA shall have the fullest liberty, without affecting this guarantee, to postpone
from time to time the exercise of any powers vested in them or of any right which they might
have against the Agency, and to exercise the same at any time in any manner, and either to
enforce or to forbear to enforce any covenants, contained or implied, in the Contract between
the NHA and the Agency or any other course or remedy or security available to the NHA. The
Bank shall not be released of its obligations under these presents by any exercise by the NHA
of its liberty with reference to the matters aforesaid or any of them or by reason of any other act
of omission or commission on the part of the NHA or any other indulgences shown by the NHA
or by any other matter or thing whatsoever which under law would, but for this provision have
the effect of relieving the Bank.
The Bank also agrees that the NHA at its option shall be entitled to enforce this Guarantee
against the Bank as a principal debtor, in the first instance without proceeding against the
Agency and not withstanding any security or other guarantee the NHA may have in relation to
the Agency’s liabilities.
This guarantee will not be discharged due to the change in the constitution of the Bank or the
Agency.
Notwithstanding anything contained hereinabove:
Our liability under this guarantee is restricted to ₹. ……………. (in words &
figures).
This Bank Guarantee will be valid up to ………………….; and
Page 84 of 94
RFP: Fraud Control Analytics Platform and Services
We are liable to pay the guarantee amount or any part thereof under this Bank
Guarantee only upon service of a written claim or demand by you on or before
…………..
In witness whereof the Bank, through its authorized officer, has set its hand and stamp on
this……………. day of………….2018 at…………
WITNESS
…..………………….……… …………..………………….………
(Signature) (Signature)
……..………………….……… ……………..………………….………
(Name) (Name)
……..………………….……… ……………..………………….………
(Official Address) (Designation with Bank Stamp)
Page 85 of 94
RFP: Fraud Control Analytics Platform and Services
• The compliance of the Agency with any other obligation under the contract.
• Security audit and implementation audit of the system shall be done once each
year, the cost of which shall be borne by the Bidder.
• For the avoidance of doubt the audit rights under this schedule shall not include
access to the Agency's profit margins or overheads, any confidential information
relating to the Bidder’ employees, or minutes of its internal Board or Board
committee meetings including internal audit, or such other information of
commercial-in-confidence nature which are not relevant to the Services
associated with any obligation under the contract
Data Security & Privacy Requirements
Agency shall be responsible to protect the privacy, confidentiality, and security of the NHAs
data. Agency must comply with international standards for data protection including ISO 27001,
and applicable regulations including IT Act and Amendments, Aadhaar Act (as applicable) and
Regulations, and proposed data privacy act and regulations including Data Protection Act and
other applicable laws and regulations, which the NHA may want the Agency to comply with.
Agency shall ensure that these security and privacy requirements are been adequately
implemented across the setup. The effectiveness shall be evaluated on a regular basis to
ensure the continuity of security and privacy requirements.
The Agency shall ensure the security and privacy requirements including, but not limited to, the
following:
• Ensure the compliance to security requirements as detailed above and also to
requirements and guidelines published by NHA from time to time. Agency shall
also ensure the compliance to upcoming security and privacy requirements as
and when these become applicable.
• Setup an assurance process to periodically review the compliance to security
and privacy requirements.
• Ensure that during the development of the product has been performed using
securing coding practices and through development methodlogy
• Agency shall be responsible for maintenance of all software managed with latest
updates, specifically related to security vulnerabilities.
• Host the systems and devices processing the data within the data centers
located in India.
• Ensure policies & procedures for secure disposition of electronic data on which
the data resides (e.g., wiping hard drive, or other method of destruction)
Page 87 of 94
RFP: Fraud Control Analytics Platform and Services
• Ensure maintenance of system and application audit logs in line with applicable
regulations including IT Act and Amendments, Aadhaar Act (as applicable), and
any other Regulations made applicable from time to time.
• Ensure in case of any incident / breach notification timely (Not more than 24 hrs
of identification) intimate appropriate stakeholders of NHA and respond to
incidents / breach as per the Regulatory requirements, and international best
practices.
• NHA shall have authority to conduct (or through external agency) periodical
assessment of the security requirements to ensure compliance with security
policies, procedures, and Regulations.
• Agency shall have an appropriate contingency plan (including backup) to recover
the application services / data as and when required (including during any
disaster)
The service provider shall keep the confidentiality, maintain secrecy of all confidential
information and shall not, at any time, divulge such or any part thereof to any third party except
as may be compelled by any court or agency of competent jurisdiction, or as otherwise required
by law, and shall also ensure that same is not disclosed to any person voluntarily, accidentally
or by mistake.
Compliance with Aadhaar Act (as applicable) and Regulations: The
Service Provider and all their associates shall comply with the relevant
provisions of the Aadhaar Act 2016 and the Aadhaar Regulations 2016, while
receiving, transmitting, storing, processing or handling Aadhaar Data, including
Aadhaar Number, Demographic and Bio-metric data. Without prejudice to the
specific provisions of the Act and the Regulations, the following provisions are
brought to the notice of the bidders.
i. Any individual, entity or agency, which is in possession of Aadhaar number(s)
of Aadhaar number holders, shall ensure security and confidentiality of the
Aadhaar numbers and of any record or database containing the Aadhaar
numbers.
ii. Any individual, entity or agency, which is in possession of Aadhaar number(s)
of Aadhaar number holders shall not make public any database or record
containing the Aadhaar numbers of individuals, unless the Aadhaar numbers
have been redacted or blacked out through appropriate means, both in print
and electronic form.
Page 88 of 94
RFP: Fraud Control Analytics Platform and Services
iii. Such individual, agency or entity shall not share the Aadhaar number with any
person or entity.
iv. No entity, including a requesting entity, shall require an individual to transmit
his Aadhaar number over the Internet unless such transmission is secure and
the Aadhaar number is transmitted in encrypted form except where
transmission is required for correction of errors or redressal of grievances. No
entity, including a requesting entity, shall retain Aadhaar numbers or any
document or database containing Aadhaar numbers for longer than is
necessary for the purpose specified to the Aadhaar number holder at the time
of obtaining consent.
Strategic Control of Operations to be provisioned
The final strategic control and governance shall still be with NHA for all its IT and Fraud Control
landscape management and operations.
For ensuring strategic control of the operations –
• Approval of NHA shall be taken prior making changes / modifications of the
deployed solution, database, data, configurations, security solutions etc. of the
Government Community Cloud where such changes may affect the solutions of
NHA.
• NHA shall own the super admin access of the application
• For any changes (including auto-provisioning and others that may or may not
need prior approval) to the underlying cloud infrastructure, software, etc. under
the scope of the agency, that has the potential to affect the SLAs (performance,
availability, etc.), NHA shall get alerts / notifications from the Agency, both as
advance alerts and post implementation alerts.
• NHA at its discretion may involve further users to facilitate the strategic control.
Page 89 of 94
RFP: Fraud Control Analytics Platform and Services
Page 90 of 94
RFP: Fraud Control Analytics Platform and Services
Page 91 of 94
RFP: Fraud Control Analytics Platform and Services
Bidder(s)/Contractor(s) who have signed the Integrity pact shall not approach
the courts while representing the matter to IEMs and shall wait for their decision
in the matter.
The Bidder(s)/Contractor(s) will not instigate third persons to commit offences outlined above
or be an accessory to such offences.
Section 3: Disqualification from tender process and exclusion from future contract
If the Bidder(s)/Contractor(s), before award or during execution has committed a transgression
through a violation of Section 2 above or in any other form such as to put his reliability or
credibility in question, the Principal is entitled to disqualify the Bidder(s)/Contractor(s) from the
tender process or to terminate the contract, if already signed, for such reasons.
Section 4: Compensation for Damages
a. If the Principal has disqualified the Bidder(s) from the tender process prior to the
award according to Section 3, the Principal is entitled to demand and recover the
damages equivalent to Earnest Money Deposit/Bid Security.
p. If the Principal has terminated the contract according to Section3, or if the Principal is
entitled to terminate the contract according to Section3, The Principal shall be entitled
to demand and recover from the Contractor liquidated damages of the Contract
value or the amount equivalent to Performance Bank Guarantee.
Section 5: Previous Transgression
a. The Bidder declares that no previous transgressions occurred in the last three
years with any other company in any country conforming to the anti-corruption
approach or with any other government (Central/State/PSU’s) in India that could justify
his exclusion from the tender process.
q. If the bidder makes incorrect statement on this subject, he can be disqualified from
the tender process and appropriate action can be taken including termination of the
contract, if already awarded, for such reasons.
Section 6: Equal treatment of all Bidders/Contractors/Subcontractors.
a. In case of sub-contracting, the principal contractor shall take the responsibility of the
adoption of Integrity pact by the sub-contractors.
r. The Principal will enter into agreements with the identical conditions as this one with
all bidders, contractors and sub-contractors.
The Principal will disqualify from the tender process all bidders who do not sign this Pact or
violate its provisions.
Section 7: Criminal charges against violating Bidder(s) / Contractor(s) / Sub-
contractors(s).
Page 92 of 94
RFP: Fraud Control Analytics Platform and Services
If the Monitor has reported to the CEO, NHA, a substantiated suspicion of an offence under
relevant IPC/PC Act, and the CEO, NHA has not, within the reasonable time taken visible action
to proceed against such offence or reported it to the Chief Vigilance Officer, the Monitor may
also transmit this information directly to the Central Vigilance Commissioner.
The word “Monitor” word include both singular and plural.
Section 9: Pact Duration
This pact begins when both parties have legally signed it. It expires for the Contractor 12
months after the last payment under the contract, and for all other Bidder 6 months after
the contract has been awarded. Any violation of the same would entail disqualification of the
bidders and exclusion from future business dealings.
If any claim is made/lodged during this time, the same shall be binding and continue to
be valid despite the lapse of this pact as specified above, unless it is discharged/determined
by CEO, NHA.
Section 10: Other Provisions
a. This agreement is subject to Indian Law. Place of performance and jurisdiction is the
Registered Office of the Principal i.e. New Delhi.
t. Changes and supplements as well as termination notices need to be made in writing.
Side agreements have not been made.
If the contractor is a partnership or a consortium, this agreement must be signed by all partners
or consortium members.
Should one or several provisions of this agreement turn out to be invalid, the remainder of this
agreement remains valid. In this case, the parties will strive to come to an agreement to their
original intentions.
Issues like Warranty / Guarantee etc. shall be outside the purview of IEMs.
In the event of any contradiction between the Integrity pact and its annexure, the clause of the
Integrity pact will prevail.
__________________________ __________________________
(For & on behalf of the Principal) (For & on behalf of Bidder/Contractor)
(Office Seal) (Office Seal)
Place _____________
Date ______________
Witness 1:
(Name & Address)
Witness 2:
(Name & Address)
Page 94 of 94